Configuring Advanced Settings

About this task

Additional IP routes enable the Sophos
Web Appliance to process requests from
client machines with IP addresses that reside outside of the appliance’s subnet by
re-routing the requests from those IP ranges.

Note

The appliance uses 172.24.24.173 to run the Setup Wizard. If your local
network also uses addresses in the range of 172.24.24.0-255, adding an additional route that
includes this address will cause routing conflicts. Adding routes incorrectly can make the
administrative web interface inaccessible. See Adding Routes
for more information.

Procedure

This range must not include the static IP address of the
appliance. It must also be outside of the appliance’s subnet. Always enter URLs to
numbered directories using fully qualified domain names rather than IP addresses.
The Web Appliance interprets any
dotted quad followed by a slash and a number less than 33 as a CIDR range. Thus, a
URL entered as an IP address followed by a numbered directory from 0 to 32 is
improperly treated as a CIDR range.

Enter the Gateway IP Address to which you want to route the
IP addresses. This address should be on the same subnet as the appliance

Click Add.

To modify a route, you must delete it and add it again with the modified route
information.

Note

If a route makes the administrative web interface inaccessible, you must
delete the incorrect routes. Connect a laptop to the configuration port of the
appliance and access the appliance by connecting to
172.24.24.173.

To delete a route:

Select the check box beside the route that you want to delete.

Click Delete.

What to do next

The Hostname to IP Address map feature allows you to map a hostname
to an IP address. This feature is used to resolve hostnames or sites (for example, Active
Directory servers) that the configured DNS server is not aware of. This is the same as
implementing a hosts file on a server or workstation.

To map a hostname to an IP address:

Enter an IP address in the IP Address text box.

Enter a hostname in the Hostname text box.

Click Add.

Note

For Active Directory to work properly when the DNS server is not aware
of the Active Directory server, you may need to include the following entries for your
Active Directory server. Behavior of the the Active Directory service may be affected by
the order of these entries. In most cases, the FQDN should be added first.

The port numbers must be between 1024 and 65535. Reserved ports that
cannot be used include: 8080, 8443, 8445, 8777, 10000, 13128, and 18081. Port 8080
is always used by default. You can enter spaces after commas.

Click Add.

To modify the list of TCP listening ports:

Edit the list of comma separated port numbers that the appliance will use to listen
for web connections.

The port numbers must be between 1024 and 65535. Spaces after
the commas are allowed.

Click Add. If no ports are listed, the default of 8080 port
8080 will be used.